What We Do

What We Do

CTIIC integrates cyber threat intelligence, builds innovative partnerships and capabilities, unifies cyber collection, and aligns cyber funding to national priorities.


  • Integrate Cyber Threat Intelligence

    CTIIC integrates IC and commercial cyber intelligence to inform a variety of audiences from senior policy makers to network defenders. CTIIC also leads the IC’s intelligence support to government incident response efforts.


  • Build Innovative Partnerships and Capabilities

    CTIIC engages in partnerships across the IC and USG, and with foreign, and industry partners to increase visibility into cyber threats, support enhanced processing and sharing of cyber intelligence, incubate new cyber capabilities, and further the development of the IC’s cyber workforce.


  • Guide IC Investment and Strategic Priorities

    CTIIC collaborates with IC elements to identify opportunities to integrate cyber collection, data exploitation, and analysis across the IC and to align funding to national priorities.


Presidential Policy Directive (PPD) 41 on Cyber Incident Coordination designates CTIIC as one of three Federal lead agencies (with DHS and FBI) responsible for the coordination response to a significant cyber incident. CTIIC is designated in PPD 41 as the Federal lead agency for intelligence support and related activities for significant cyber incidents.


CTIIC’s National Intelligence Manager for Cyber implements the integrated mission management responsibilities in Intelligence Community Directive 900.